Information Security Analyst presso Exotel Techcom Pvt Ltd
Exotel Techcom Pvt Ltd · Bengaluru, India · Onsite
- Professional
- Ufficio in Bengaluru
Location: Bengaluru,None,None
About Us:
Exotel is the emerging market’s leading full-stack customer engagement platform and business-focused virtual telecom operator. Incorporated in 2011, Exotel’s cloud-based product suite powers 50 million daily engagements across voice, video and messaging channels. Exotel powers unified customer engagement to over 6000 companies in 60+ countries, including India, SE Asia, the Middle East, and Africa.
Today, some of the fastest-growing companies in the emerging markets (Ola, Swiggy, Flipkart, GoJek, Byju’s, Urban Company, HDFC Bank, Zomato, Oyo, etc.) manage their customer engagement with Exotel’s suite of a communication API, Ameyo’s omnichannel contact centre (merger), and Cogno AI‘s conversational AI platform (acquisition) over the cloud. We are a $100 million Series D funded company with $60 million in ARR.
Role Overview
We are seeking an experienced Information Security Consultant – GRC to strengthen our information security posture and ensure compliance with regulatory and client requirements. The role involves handling client RFPs and audits, collaborating with cross-functional teams, and conducting ITGC control testing to maintain security assurance and trust with clients.
Key Responsibilities
Lead and manage client RFPs, security due diligence, and vendor assessments, ensuring accurate and timely responses.
Coordinate and support client security audits, including evidence collection, remediation tracking, and closure.
Collaborate with Sales, Infrastructure, Engineering, and Operations teams to align client commitments with internal controls.
Perform IT General Controls (ITGC) testing, risk assessments, and gap analysis across systems and processes.
Maintain and update ISMS policies, SOPs, and compliance documentation in line with ISO 27001, SOC 2, RBI, and DPDP requirements.
Track, monitor, and report GRC metrics, risks, and control effectiveness to leadership.
Support internal and external audits, ensuring timely remediation of identified issues.
Drive awareness and training programs to strengthen compliance culture across teams.
Key Skills & Competencies
Strong understanding of ITGC controls, risk management, and compliance frameworks (ISO 27001, SOC 2, RBI, GDPR/DPDP).
Experience handling client-facing RFPs, due diligence, and security audits.
Ability to collaborate effectively with Sales, Infra, and technical teams.
Excellent documentation, stakeholder communication, and presentation skills.
Strong analytical mindset with the ability to identify risks and recommend mitigation.
Qualifications & Experience
Bachelor’s degree in Computer Science, Information Security, or related field.
4–8 years of experience in Information Security GRC or related roles.
- Hands-on experience with Burpsuite, Nexus, Sonarqube or any other similar tool.
Hands-on knowledge of ITGC testing and audit processes.
Relevant certifications preferred: CISA, ISO 27001 LA/LI, CISSP (preferred), or equivalent.